After being largely off-grid over the weekend, I returned home late last night just as a problem with our server (not just our website, but many of them served by the same system) was coming to light. It's still unclear what happened, that's being investigated, but the result is the site had to be restored from an older backup.

In the bargain, some article comments (including some of my own) were lost, though I'm going to try to restore some of them manually today as I can, where I have the material available to do so. Where I don't, I'll see if I can get the rest from the NSA. My apologies for any comments that I cannot restore. The upside is that at least we hadn't posted a lot of new articles over the weekend while I was on the road, so not too much new material was lost.

I was planning for it to be an unavoidably busy day today anyway, as I scrambled to get caught up from several days off-line after an otherwise interesting and largely fruitful visit to Netroots Nation 2013 and related missions. Given the fast moving news events of the last few days, it was clearly going to be a race to catch-up. Now it'll just be that much busier, and that much longer before we're fully back up to speed here. So, my apologies for that as well...and thanks in advance for your patience...

I sent a comment re. investigations of Michael Hastings' car crash: Researchers at the University of Washington and Univ. of Calif., San Diego demonstrated in 2010 that with physical access to a car's electronic Engine Control Unit (ECU), a hacker could "adversarially control a wide range of automotive functions and completely ignore driver input, including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and so on." That same year, researchers from the University of South Carolina and Rutgers University similarly demonstrated being able to remotely activate a car's low tire pressure warning light while driving in another car from 120 feet away using low-cost equipment. In fact, some ECU's are specifically designed to allow a remote operator to override various electronically controlled functions of a vehicle using special cell phone transmissions.

The ECU's were first introduced in the 1970's as a means to boost fuel efficiency but have since become integrated into virtually every aspect of a car's functioning and diagnostics including throttle, brakes, transmission, climate control, lights, entertainment, blue tooth enabled devices, communication systems, etc. Physical access to a car's ECU for hacking and reprogramming can be done by simply plugging in a laptop or other miniaturized processor into that vehicle's federally mandated On-Board Diagnostic Port (ODB-II Port) which are now located under the dash of virtually all modern vehicles. A remote operator having a wireless link to the processor plugged into the OBD-II Port could also remotely hack into and override the normal electronically controlled functions of the ECU at any time.

Some have asserted that the current design safeguards and legal requirements for providing a reasonable amount of security for automobile ECU's against the possibility of malicious hacking are inadequate.

It may be noteworthy in this regard that Hastings' vehicle was videotaped traveling southbound on Highland Avenue at a very high rate of speed through a red light at a major intersection (with Santa Monica Blvd.) without slowing just about four blocks from the ultimate crash site.

Shortly afterward, an eye-witness (Jose Rubalcava) reported seeing the vehicle traveling at apparently full speed plow through another intersection (at Melrose) without slowing where it apparently hit some kind of pothole, bump, dip or other obstruction causing it to bounce up and down onto the pavement "three or four times" with sparks and flames visible underneath the vehicle near the gas tank. At some point the impacts caused the car's transmission to separate from the car and continue sliding down Highland, but the vehicle itself then reportedly appeared to go totally out of control and swerved onto a median on Highland where it finally crashed into a palm tree.

Just as we have laws requiring tamper resistant containers to help protect against malicious persons putting harmful substances into our medications and foods, should not we now require that vehicles operated using Electronic Control Units or other computer processing units also be designed to protect against the possible introduction of malicious programs by hackers? For example, we certainly should have security systems that would prevent a hacker from embedding malicious code into a car's ECU or telematics unit that will completely erase any evidence of its presence after a crash.

(See, "Experimental Security Analysis of a Modern Automobile," in 2010 "Symposium on Security and Privacy," and http://www.autosec.org/ for more information